33 lines
1010 B
TypeScript
33 lines
1010 B
TypeScript
import { NextRequest, NextResponse } from "next/server";
|
|
import { AUTH_COOKIE_DOMAIN } from "@/config/domain.config";
|
|
|
|
const COOKIE_NAME = "pb_session";
|
|
const COOKIE_MAX_AGE = 60 * 60 * 24 * 365; // 365 天,登录态持续有效直至用户主动退出
|
|
|
|
export async function POST(request: NextRequest) {
|
|
const body = await request.json().catch(() => ({}));
|
|
const token = body?.token;
|
|
const record = body?.record;
|
|
if (!token || !record?.id) {
|
|
return NextResponse.json({ ok: false, error: "缺少 token 或 record" }, { status: 400 });
|
|
}
|
|
|
|
const payload = JSON.stringify({
|
|
token,
|
|
userId: record.id,
|
|
email: record.email ?? "",
|
|
});
|
|
const encoded = Buffer.from(payload, "utf-8").toString("base64url");
|
|
|
|
const res = NextResponse.json({ ok: true });
|
|
res.cookies.set(COOKIE_NAME, encoded, {
|
|
domain: AUTH_COOKIE_DOMAIN,
|
|
path: "/",
|
|
maxAge: COOKIE_MAX_AGE,
|
|
secure: process.env.NODE_ENV === "production",
|
|
sameSite: "lax",
|
|
httpOnly: true,
|
|
});
|
|
return res;
|
|
}
|